Debian DSA-1849-1 : xml-security-c - design flaw

It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to outpu...

Debian Security Advisory DSA 1849-1 (xml-security-c)

The remote host is missing an update to xml-security-c announced via advisory DSA 1849-1. OpenVAS Vulnerability Test $Id: deb18491.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1849-1 xml-security-c Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...

[Backports-security-announce] Security Update for xml-security-c

Russ Allbery uploaded new packages for xml-security-c which fixed the following security problems: CVE-2009-0217 CERT VU466161 It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed...

DSA-1849-1 xml-security-c - signature forgery

Bulletin has no description...